Executive Briefings

Maersk Line: Third-Party Data Not Affected by Petya

By: Maritime Executive 07.26.2017

In an update last week, Maersk Line gave more information into the causes and effects of the Petya cyberattack, which struck its core business IT systems on June 27. Its damage took Maersk weeks to fully repair.

Maersk Line reported that its operations and communications were significantly affected by the attack, but "no data breach or data loss to third-parties is known to have occurred as of this date." Customer systems connected to Maersk's IT were not affected and were not at risk, as confirmed by Maersk's internal staff and by external cyber experts, who report that Petya is not able to spread between networks.

In the wake of the attack, many external observers wondered whether Maersk Line's servers were properly patched and updated. Petya used an exploit similar to the "WannaCry" malware to move between computers running older, unpatched versions of Windows. Maersk Line said that patches and antivirus software were not an effective form of protection against Petya, and that it has added new defenses.

The carrier said that intends to conduct an internal review after its systems are back up to normal, and will share lessons from the attack with its customers and partners.

Maersk Line reported that its operations and communications were significantly affected by the attack, but "no data breach or data loss to third-parties is known to have occurred as of this date." Customer systems connected to Maersk's IT were not affected and were not at risk, as confirmed by Maersk's internal staff and by external cyber experts, who report that Petya is not able to spread between networks.

In the wake of the attack, many external observers wondered whether Maersk Line's servers were properly patched and updated. Petya used an exploit similar to the "WannaCry" malware to move between computers running older, unpatched versions of Windows. Maersk Line said that patches and antivirus software were not an effective form of protection against Petya, and that it has added new defenses.

The carrier said that intends to conduct an internal review after its systems are back up to normal, and will share lessons from the attack with its customers and partners.